$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140421.roa File: AS140421.roa (raw, json) Hash identifier: O9YZ3wGnUQ57Sequ1WCa+93jVAA893xEE28QjWC8d6s= Subject key identifier: 8E:BC:E8:8E:CD:A3:BC:6F:4A:E1:35:83:33:A6:54:1A:A9:2B:1F:A0 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6DFE3ED837369C339622F3FE5E30F12DB1FC996F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140421.roa Signing time: Tue 10 Dec 2024 05:00:12 +0000 ROA not before: Tue 10 Dec 2024 04:55:12 +0000 ROA not after: Tue 09 Dec 2025 05:00:12 +0000 asID: 140421 IP address blocks: 103.148.88.0/23 maxlen: 24 2001:df2:c980::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:fe:3e:d8:37:36:9c:33:96:22:f3:fe:5e:30:f1:2d:b1:fc:99:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 10 04:55:12 2024 GMT Not After : Dec 9 05:00:12 2025 GMT Subject: CN=8EBCE88ECDA3BC6F4AE1358333A6541AA92B1FA0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:a2:52:ce:72:31:72:92:be:a5:4a:c3:b4:e7: 89:e2:16:7b:25:ec:46:03:78:41:17:8f:c7:ca:93: 18:26:ac:d1:a5:81:29:8d:42:92:de:e7:d0:7a:62: c6:7d:c3:b8:78:91:36:b9:4a:8c:57:d3:ee:6b:7f: f9:ef:c6:e6:0f:15:0d:6b:6a:6f:42:32:60:86:87: 25:16:7c:99:b2:1d:c0:a0:7b:56:c9:9c:12:b7:ff: 9f:e7:30:26:69:75:a9:29:fe:15:3c:a6:e6:94:09: 77:01:49:e0:80:1e:84:33:2b:b1:86:0f:6e:b2:c1: be:26:03:20:e8:cb:4d:cc:31:19:56:82:c2:6b:a7: c6:57:ca:b1:fc:e8:4b:f7:e8:75:01:1d:54:69:01: 58:11:9c:1a:47:54:fa:f1:a2:f7:8f:c6:33:b1:ec: 7b:f9:c6:39:a5:8e:c7:a7:70:b7:f1:07:28:31:58: 24:d3:29:6a:2c:61:c8:53:eb:b3:3e:ac:53:54:a5: 2a:47:80:61:f0:30:4c:fa:2e:90:88:e2:ae:63:0e: d1:04:f2:c1:63:c9:37:16:8d:8f:0a:97:6c:71:b2: 2a:41:87:25:0b:08:06:84:06:f9:85:8e:63:0a:22: 58:df:00:c8:71:4b:9b:25:59:37:d2:7a:2e:00:2e: 28:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:BC:E8:8E:CD:A3:BC:6F:4A:E1:35:83:33:A6:54:1A:A9:2B:1F:A0 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140421.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.148.88.0/23 IPv6: 2001:df2:c980::/48 Signature Algorithm: sha256WithRSAEncryption 27:6a:2d:a2:23:2c:cc:21:6b:fb:6e:ad:fa:a8:6d:3f:cc:26: 78:51:87:74:2e:5f:a7:dd:46:e1:48:64:69:b0:d1:8a:1e:e4: 96:11:4a:e1:d3:b2:3c:a7:fb:72:0f:80:ea:64:75:2f:f3:a2: 79:fb:05:26:09:cd:51:88:57:46:3f:58:ad:06:b4:a3:4e:d3: 1a:22:7c:fa:3d:a3:28:0a:77:89:97:43:b5:13:cb:c3:67:40: 56:33:59:71:3e:e3:ef:9e:c4:97:db:1c:8e:6a:a6:fb:19:ac: 38:d1:6c:0e:06:70:d8:7b:b5:3d:93:3d:f9:a4:aa:a4:76:4e: b7:59:d3:c1:42:ea:a2:13:86:54:d8:4c:10:28:49:81:7c:4d: b6:71:86:35:b4:af:5d:c7:f0:e3:db:b7:c2:4e:38:c6:80:44: 9e:83:7a:4c:4c:46:bc:38:f5:47:b3:53:ef:ef:3b:00:9e:43: 91:11:4c:77:cc:b4:d0:67:6a:ef:52:4c:e4:0f:89:90:a6:91: 7b:94:bf:74:17:a9:81:5a:7d:1e:cb:4a:9f:b6:8d:31:1b:cf: c5:dd:31:50:10:a0:03:dd:31:6c:32:2a:65:25:8f:2e:e7:98: 31:aa:22:2a:ca:20:63:b1:25:8b:82:b4:08:11:d4:27:13:b4: 3d:cc:dc:55 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUbf4+2Dc2nDOWIvP+XjDxLbH8mW8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDA0NTUxMloX DTI1MTIwOTA1MDAxMlowMzExMC8GA1UEAxMoOEVCQ0U4OEVDREEzQkM2RjRBRTEz NTgzMzNBNjU0MUFBOTJCMUZBMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANSiUs5yMXKSvqVKw7TnieIWeyXsRgN4QRePx8qTGCas0aWBKY1Ckt7n0Hpi xn3DuHiRNrlKjFfT7mt/+e/G5g8VDWtqb0IyYIaHJRZ8mbIdwKB7VsmcErf/n+cw Jml1qSn+FTym5pQJdwFJ4IAehDMrsYYPbrLBviYDIOjLTcwxGVaCwmunxlfKsfzo S/fodQEdVGkBWBGcGkdU+vGi94/GM7Hse/nGOaWOx6dwt/EHKDFYJNMpaixhyFPr sz6sU1SlKkeAYfAwTPoukIjirmMO0QTywWPJNxaNjwqXbHGyKkGHJQsIBoQG+YWO YwoiWN8AyHFLmyVZN9J6LgAuKN0CAwEAAaOCAeEwggHdMB0GA1UdDgQWBBSOvOiO zaO8b0rhNYMzplQaqSsfoDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MDQyMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAWeUWDAPBAIAAjAJAwcAIAEN8smAMA0GCSqGSIb3DQEBCwUAA4IB AQAnai2iIyzMIWv7bq36qG0/zCZ4UYd0Ll+n3UbhSGRpsNGKHuSWEUrh07I8p/ty D4DqZHUv86J5+wUmCc1RiFdGP1itBrSjTtMaInz6PaMoCneJl0O1E8vDZ0BWM1lx PuPvnsSX2xyOaqb7Gaw40WwOBnDYe7U9kz35pKqkdk63WdPBQuqiE4ZU2EwQKEmB fE22cYY1tK9dx/Dj27fCTjjGgESeg3pMTEa8OPVHs1Pv7zsAnkOREUx3zLTQZ2rv UkzkD4mQppF7lL90F6mBWn0ey0qfto0xG8/F3TFQEKAD3TFsMiplJY8u55gxqiIq yiBjsSWLgrQIEdQnE7Q9zNxV -----END CERTIFICATE-----Generated at Sat Apr 5 06:26:42 2025 by rpki-client